Users With Defined Email Forward Rules

Detects users that have email forwarding rules defined.

Email forwarding is mostly harmless and comes from the need to deal with life changes and organizational shifts. However, this is also a known bad pattern for people knowing they are about to change jobs and is a cause of data loss.

You can add known domains to the ignore list.

Recommended Actions

Please check if the forward rule is legitimate, for example, contractors and managers, or a potential data loss issue.

Compatibility:

Microsoft Entra ID

PreviousUser IP in Blocked State NextUsers With New Email Forward Rules

Last updated 1 year ago